SecretAmplification
|
RADIUS Client API (V3) | |||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
Object
Class to implement 'RADIUS Shared Secret Security Amplification'.
From draft-funk-radiusext-shared-secret-amp-01.txt:
"This draft describes how a mechanism defined in [PKCS-5] can be used
to amplify the security of a RADIUS shared secret; namely, that a
precursor secret is hashed many times to produce an amplified shared
secret for use in RADIUS.
"A dictionary attack against the resulting shared secret will be infeasible due to its high entropy. A dictionary attack against the precursor secret will require the attacker to apply the same hashing process to each candidate precursor secret to derive a candidate RADIUS shared secret, prior to applying it to the RADIUS packet.
"This approach allows administrators to use the same types of secrets that they are comfortable with as precursor secrets. The algorithm to generate the amplified shared secret is deterministic, so the precursor shared secret is all that needs to be remembered.
"Unlike approaches that require changes to RADIUS servers and clients, the amplification approach is compatible with all current equipment. It is simply a means to generate a shared secret, which then may be configured in the NAS or RADIUS server just as any shared secret would be. For example, a simple utility can accept the precursor secret, amplify it, and present it to the administrator, who may copy and paste it into the configuration application of a RADIUS server or NAS."
The result is a 12 character amplified secret instead of a weak, guessable secret. For example a RADIUS client secret of 'testpassword' and using a salt of 'testsalt' results in 'D0z7aIJHzLLGtpj2'. The salt value is optional but increases the entropy of the amplified password.
This does not run very quickly as it's performing over a million SHA-1 HMAC computations. However it does take simple, guessable passwords and makes them a little more difficult to crack.
| Field Summary | |
static int |
DKLEN
Length of output - 12. |
static int |
ITERATIONS
Iterations for the algorithm - 1048576. |
| Constructor Summary | |
SecretAmplification(byte[] precursorSecret,
byte[] salt)
Constructor using the default number of iterations and the standard derived key length. |
|
SecretAmplification(byte[] precursorSecret,
byte[] salt,
int iterations,
int dkLen)
Constructor. |
|
| Method Summary | |
byte[] |
amplify()
Amplify the precursor secret. |
static void |
main(String[] a)
Test of the secret amplification. |
| Methods inherited from class Object |
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
public static final int ITERATIONS
public static final int DKLEN
| Constructor Detail |
public SecretAmplification(byte[] precursorSecret,
byte[] salt)
throws NoSuchAlgorithmException,
InvalidKeyException
precursorSecret - Precursor secret - a string representing an easy to remember secret - UTF-8 encoded.salt - Salt value. This is optional and may be null or empty - UTF-8 encoded.
NoSuchAlgorithmException - if the SHA-1 hash is not available.
InvalidKeyException
public SecretAmplification(byte[] precursorSecret,
byte[] salt,
int iterations,
int dkLen)
throws IllegalArgumentException,
NoSuchAlgorithmException,
InvalidKeyException
precursorSecret - Precursor secret - a string representing an easy to remember secret - UTF-8 encoded.salt - Salt value. This is optional and may be null or empty - UTF-8 encoded.iterations - Number of iterations of the algorithm.dkLen - The number of octets of binary output.
IllegalArgumentException - if dkLen is too long.
NoSuchAlgorithmException - if the SHA-1 hash is not available.
InvalidKeyException| Method Detail |
public byte[] amplify()
public static void main(String[] a)
|
RADIUS Client API (V3) | |||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||